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Amendm *"* 6 tn Claims: 

This listing of claims will replace all prior versions and listings of claims in the instant 
application: 

Listing of Claims: 

1. (Original) A method for performing secured communications between a Voice 
Browser and a network device, said Voice Browser and network device exchanging 
VoiceXML-based Web content comprising the steps of: 

transmitting a request to the network device to establish a secured communication 
session between the Voice Browser and the network device; 

authenticating the network device; 

subsequent to said authentication, negotiating a shared secret between the network 

device and the Voice Browser; 

encrypting the VoiceXML-based Web content using said shared secret as an 

encryption key; 

exchanging the encrypted VoiceXML-based Web content between the network 
device and the Voice Browser; and, 

decrypting the VoiceXML-based Web content using said shared secret as a 

decryption key. 

2. (Original) The method of claim 1, wherein said step of authenticating the 

network device comprises the steps of: 

transmitting a digital certificate from the network device to the Voice Browser, said 
digital certificate having a public key and a reference to a certificate authority, and, 

validating said certificate authority. 
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3. (Original) The method of claim 2, wherein said digital certificate is an X.509- 
compliant digital certificate. 

4. (Original) The method of claim 1 , further comprising the step of authenticating 
the Voice Browser. 

5. (Original) The method of claim 4, wherein said step of authenticating the Voice 

Browser comprises the steps of: 

transmitting a digital certificate from the Voice Browser to the network device, said 
digital certificate having a public key and a reference to a certificate authority, and, 

validating said certificate authority. 

6. (Original) The method of claim 5, wherein said digital certificate is an X.509- 
compliant digital certificate. 

7. (Original) The method of claim 2, wherein said step of authenticating the 
network device further comprises the step of challenging the network device. 

8. (Original) The method of claim 5, wherein said step of authenticating the Voice 
Browser further comprises the step of challenging the Voice Browser. 

9. (Original) The method of claim 7, wherein said step of challenging the network 

device comprises the steps of: 

encrypting a message using said public key contained in said digital certificate; 

transmitting said encrypted message from the Voice Browser to the network device; 

decrypting said encrypted message using a private key corresponding to said public 
key; and, 

transmitting the decrypted message to the Voice Browser. 
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10. (Original) The method of claim 8, wherein said step of challenging the Voice 

Browser comprises the steps of: 

encrypting a message using said public key contained in said digital certificate; 

transmitting said encrypted message from the network device to the Voice Browser; 

decrypting said encrypted message using a private key corresponding to said public 
key; and, 

transmitting the decrypted message to the network device. 

11. (Original) The method of claim 1, wherein said negotiating step comprises me 
steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key, 
transmitting said encrypted key to the network device; and, 

decrypting said key in the network device with a private key corresponding to said 
public key. 

12. (Original) The method of claim 1, wherein said negotiating step comprises the 
steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmitting said encrypted key to the Voice Browser, and, 

decrypting said key in the Voice Browser with a private key corresponding to said 
public key. 

13. (Original) The method of claim 1, further comprising the steps of: 
exchanging a list of supported symmetrical cryptographic algorithms for the network 

device and the Voice Browser; 

selecting a symmetrical cryptographic algorithm from said list; and, 
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performing said encrypting and decrypting steps using said selected symmetrical 
cryptographic algorithm. 

14. (Original) The method of claim 1 , wherein said Voice Browser is a VoiceXML 
Browser Server. 

15. (Original) A method for performing secured communications in a Voice 
Browser comprising the steps of: 

transmitting a request from the Voice Browser to a network device for a secure 
communications session between the Voice Browser and the network device; 

receiving from the network device a digital certificate containing a public key and a 
reference to a certificate authority. 

authenticating the network device based on the digital certificate; 

subsequent to said authentication, negotiating a shared secret with the network 

device; 

encrypting data using said shared secret as an encryption key and transmitting said 
encrypted data to the network device; and, 

receiving encrypted Web content from the network device and decrypting the Web 
content using said shared secret as a decryption key. 

16. (Original) The method of claim 15, wherein said transmitting step further 

comprises the step of: 

transmitting to said network device a list of supported encryption algorithms for use 

in said encryption and decryption steps, 

said network device selecting an encryption algorithm from among said list. 

17. (Original) The method of claim 16, wherein said data is encrypted using said 
selected encryption algorithm and said Web content is decrypted using said encryption 
algorithm. 
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18. (Original) The method of claim 15, wherein said digital certificate is an X.509- 
compliant digital certificate. 

19. (Original) The method of claim 15, wherein said Web content is a VoiceXML 
document. 

20. (Original) The method of claim 19, wherein said Voice Browser is a VoiceXML 
Browser Server. 

21. (Original) A machine readable storage, having stoTed thereon a computer 
program for performing secured communications between a Voice Browser and a network 
device, said Voice Browser and network device exchanging VoiceXML-based Web content, 
said computer program having a plurality of code sections executable by a machine for 
causing the machine to perform the steps of: 

transmitting a request to the network device to establish a secured communication 
session between the Voice Browser and the network device; 
authenticating the network device; 

subsequent to said authentication, negotiating a shared secret between the network 

device and the Voice Browser; 

encrypting the VoiceXML-based Web content using said shared secret as an 

encryption key, 

exchanging the encrypted VoiceXML-based Web content between the network 
device and the Voice Browser; and, 

decrypting the VoiceXML-based Web content using said shared secret as a 

decryption key. 

22. (Original) The machine readable storage of claim 21, wherein said step of 
authenticating the network device comprises the steps of: 
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transmitting a digital certificate from the network device to the Voice Browser, said 
digital certificate having a public key and a reference to a certificate authority, and, 
validating said certificate authority. 

23. (Original) The machine readable storage of claim 22, wherein said digital 
certificate is an X.509-compliant digital certificate. 

24. (Original) The machine readable storage of claim 21, for further causing the 
machine to perform the step of authenticating the Voice Browser. 

25. (Original) The machine readable storage of claim 24, wherein said step of 
authenticating the Voice Browser comprises the steps of: 

transmitting a digital certificate from the Voice Browser to the network device, said 
digital certificate having a public key and a reference to a certificate authority; and, 
validating said certificate authority. 

26. (Original) The machine readable storage of claim 25, wherein said digital 
certificate is an X.509-compliant digital certificate. 

27. (Original) The machine readable storage of claim 22, wherein said step of 
authenticating the network device further comprises the step of challenging the network 
device. 

28. (Original) The machine readable storage of claim 25, wherein said step of 
authenticating the Voice Browser further comprises the step of challenging the Voice 
Browser. 

29. (Original) The machine readable storage of claim 27, wherein said step of 
challenging the network device comprises (he steps of: 
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encrypting a message using said public key contained in said digital certificate; 
transmitting said encrypted message from the Voice Browser to the network device; 
decrypting said encrypted message using a private key corresponding to said public 
key; and, 

transmitting the decrypted message to the Voice Browser. 

30. (Original) The machine readable storage of claim 28, wherein said step of 
challenging the Voice Browser comprises the steps off 

encrypting a message using said public key contained in said digital certificate; 
tnmsmitting said encrypted message from the network device to the Voice Browser; 
decrypting said encrypted message using a private key corresponding to said public 
key; and, 

transmitting the decrypted message to the network device. 

3 1 . (Original) The machine readable storage of claim 21 , wherein said negotiating 

step comprises the steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmitting said encrypted key to the network device; and, 

decrypting said key in the network device with a private key corresponding to said 
public key. 

32. (Original) The machine readable storage of claim 21, wherein said negotiating 

step comprises the steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmitting said encrypted key to the Voice Browser, and, 

decrypting said key in the Voice Browser with a private key corresponding to said 
public key. 
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33. (Original) The machine readable storage of claim 21, for further causing the 

machine to perform the steps of: 

exchanging a list of supported symmetrical cryptographic algorithms for the network 

device and the Voice Browser; 

selecting a symmetrical cryptographic algorithm from said list; and, 

performing said encrypting and decrypting steps using said selected symmetrical 

cryptographic algorithm. 

34. (Original) The machine readable storage of claim 21, wherein said Voice 
Browser is a VoiceXML Browser Server. 

35. (Original) A machine readable storage, having stored thereon a computer 
program for performing secured communications in a Voice Browser, said computer 
program having a plurality of code sections executable by a machine for causing the 
machine to perform the steps of: 

transmitting a request from the Voice Browser to a network device for a secure 
communications session between the Voice Browser and the network device; 

receiving from the network device a digital certificate containing a public key and a 
reference to a. certificate authority. 

authenticating the network device based on the digital certificate; 

subsequent to said authentication, negotiating a shared secret with the network 

device; 

encrypting data using said shared secret as an encryption key and transmitting said 
encrypted data to the network device; and, 

receiving encrypted Web content from the network device and decrypting the Web 
content using said shared secret as a decryption key. 
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36. (Original) The machine readable storage of claim 35, wherein said transmitting 
Step further comprises the step of: 

transmitting to said network device a list of supported encryption algorithms for use 

in said encryption and decryption steps, 

said network device selecting an encryption algorithm from among said list 



37. (Original) The machine readable storage of claim 36, wherein said data is 
encrypted using said selected encryption algorithm and said Web content is decrypted using 
said encryption algorithm. 

38. (Original) The machine readable storage of claim 35, wherein said digital 
certificate is anX.509-compliant digital certificate. 

39. (Original) The machine readable storage of claim 35, wherein said Web content 
is a VoiceXML document. 

40. (Original) The machine readable storage of claim 39, wherein said Voice 
Browser is a VoiceXML Browser Server. 



10 



PAGE 14/18 s RCVD AT 9/10/2004 11:56:51 AM [Eastern Daylight Timer SVR:USPT0-EFXRF-1/3* DN1S:8729306 M CSID:5616596313 K DURATION (mm-$s):0448 



